Vulnerabilities > SAP > Netweaver AS Internet Graphics Server > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-06-09 | CVE-2021-27620 | Out-of-bounds Write vulnerability in SAP Netweaver AS Internet Graphics Server SAP Internet Graphics Service, versions - 7.20,7.20EXT,7.53,7.20_EX2,7.81, allows an unauthenticated attacker after retrieving an existing system state value can submit a malicious IGS request over a network which due to insufficient input validation in method Ups::AddPart() which will trigger an internal memory corruption error in the system causing the system to crash and rendering it unavailable. | 5.9 |
| 2021-06-09 | CVE-2021-27622 | Out-of-bounds Write vulnerability in SAP Netweaver AS Internet Graphics Server SAP Internet Graphics Service, versions - 7.20,7.20EXT,7.53,7.20_EX2,7.81, allows an unauthenticated attacker after retrieving an existing system state value can submit a malicious IGS request over a network which due to insufficient input validation in method CDrawRaster::LoadImageFromMemory() which will trigger an internal memory corruption error in the system causing the system to crash and rendering it unavailable. | 5.9 |
| 2021-06-09 | CVE-2021-27623 | Out-of-bounds Write vulnerability in SAP Netweaver AS Internet Graphics Server SAP Internet Graphics Service, versions - 7.20,7.20EXT,7.53,7.20_EX2,7.81, allows an unauthenticated attacker after retrieving an existing system state value can submit a malicious IGS request over a network which due to insufficient input validation in method CXmlUtility::CheckLength() which will trigger an internal memory corruption error in the system causing the system to crash and rendering it unavailable. | 5.9 |
| 2021-06-09 | CVE-2021-27624 | Out-of-bounds Write vulnerability in SAP Netweaver AS Internet Graphics Server SAP Internet Graphics Service, versions - 7.20,7.20EXT,7.53,7.20_EX2,7.81, allows an unauthenticated attacker after retrieving an existing system state value can submit a malicious IGS request over a network which due to insufficient input validation in method CiXMLIStreamRawBuffer::readRaw () which will trigger an internal memory corruption error in the system causing the system to crash and rendering it unavailable. | 5.9 |
| 2021-06-09 | CVE-2021-27625 | Out-of-bounds Write vulnerability in SAP Netweaver AS Internet Graphics Server SAP Internet Graphics Service, versions - 7.20,7.20EXT,7.53,7.20_EX2,7.81, allows an unauthenticated attacker after retrieving an existing system state value can submit a malicious IGS request over a network which due to insufficient input validation in method IgsData::freeMemory() which will trigger an internal memory corruption error in the system causing the system to crash and rendering it unavailable. | 5.9 |
| 2021-06-09 | CVE-2021-27626 | Out-of-bounds Write vulnerability in SAP Netweaver AS Internet Graphics Server SAP Internet Graphics Service, versions - 7.20,7.20EXT,7.53,7.20_EX2,7.81, allows an unauthenticated attacker after retrieving an existing system state value can submit a malicious IGS request over a network which due to insufficient input validation in method CMiniXMLParser::Parse() which will trigger an internal memory corruption error in the system causing the system to crash and rendering it unavailable. | 5.9 |
| 2021-06-09 | CVE-2021-27627 | Out-of-bounds Write vulnerability in SAP Netweaver AS Internet Graphics Server SAP Internet Graphics Service, versions - 7.20,7.20EXT,7.53,7.20_EX2,7.81, allows an unauthenticated attacker after retrieving an existing system state value can submit a malicious IGS request over a network which due to insufficient input validation in method ChartInterpreter::DoIt() which will trigger an internal memory corruption error in the system causing the system to crash and rendering it unavailable. | 5.9 |